A Quantum Leap in Cryptography

Until recently, quantum encryption has been hidden away in specialized laboratories.

But its advocates say the technology – in which single particles of light, or photons, are used to encode data – is now ready to make the leap to the real world. In recent months, the two major vendors of quantum encryption products, id Quantique and MagiQ Technologies, have introduced second-generation products that they say are more straightforward to operate – that is, geared toward network administrators rather than scientists.

Meanwhile, not only is this cutting-edge technology becoming easier to use, but also recent developments may unlock a greater range of applications for it, such as applying it over greater distances, in wireless settings, and to secure satellite communications. Japanese electronics giants NEC Corp. and Toshiba Research Europe Ltd. and leading U.S. technology developer BBN Technologies have all announced successes in extending the range and length of quantum key generation, encoding video as well as audio files, and transmitting the keys or communications through the air as well as optical fiber.

Certainly, scientists have come a long way in the two decades since the idea of quantum cryptography was introduced. Still, the technology has stayed largely in the R&D phase, as researchers have struggled with several technical challenges. Most notably, the distance over which they could convey keys and the ability to generate individual photons have been limited.

In quantum cryptography, single particles of light represent ones and zeros in a binary encryption key. To encode the actual information, the photons are polarized by the sender’s system, that is, the light waves are organized into a single plane. At the other end, a recipient then measures the polarization to retrieve the information.

Since the quantum keys themselves can be as big as the data that’s being encrypted, users can enlist “impenetrable ciphers,” according to Josh Kessler, an analyst and product manager for Boston-based TowerGroup. Such ciphers are extremely secure because the key is never repeated and is as long as the message itself, in contrast to public key encryption, where the key is shorter.

The power of quantum cryptography actually grows out of one of the key principles of quantum mechanics: at the atomic level, any object that is observed is also changed. As a result, someone attempting to steal quantum-encrypted data, by measuring the photons as they travel, would alter the key – an act that legitimate users could detect.
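The three ideas above (bits carried as photon polarization, detection of anyone who measures the photons in transit, and a key as long as the message) can be seen in a small simulation. This is an added example, not code from the article or from either vendor; it assumes a BB84-style two-basis scheme, which the article does not name, and all function names are hypothetical.

```python
import random

def measure(photon, basis, rng):
    """Measuring in the preparation basis reads the bit; the wrong basis gives a coin flip."""
    bit, prep_basis = photon
    return bit if basis == prep_basis else rng.getrandbits(1)

def run_link(n_photons, eavesdropper, seed=1):
    """Send n photons; return the sifted (sender_key, receiver_key) bit lists."""
    rng = random.Random(seed)  # simulation only; real keys need a true random source
    sender_key, receiver_key = [], []
    for _ in range(n_photons):
        bit, s_basis = rng.getrandbits(1), rng.getrandbits(1)
        photon = (bit, s_basis)  # polarization state modelled as (bit, basis)
        if eavesdropper:
            # Intercept-resend: the tap has to measure, then re-emits what it saw
            # in its own basis, which disturbs photons it guessed wrongly.
            e_basis = rng.getrandbits(1)
            photon = (measure(photon, e_basis, rng), e_basis)
        r_basis = rng.getrandbits(1)
        result = measure(photon, r_basis, rng)
        if r_basis == s_basis:  # bases are compared publicly; mismatches are discarded
            sender_key.append(bit)
            receiver_key.append(result)
    return sender_key, receiver_key

def error_rate(sender_key, receiver_key):
    """Fraction of sifted bits that disagree (in practice checked on a disclosed sample)."""
    return sum(a != b for a, b in zip(sender_key, receiver_key)) / len(sender_key)

def one_time_pad(data, key_bits):
    """XOR data with key bits; the key must cover the whole message and never be reused."""
    if len(key_bits) < 8 * len(data):
        raise ValueError("key shorter than message")
    key = bytes(int("".join(map(str, key_bits[i:i + 8])), 2)
                for i in range(0, 8 * len(data), 8))
    return bytes(d ^ k for d, k in zip(data, key))

if __name__ == "__main__":
    for tapped in (False, True):
        s, r = run_link(4000, tapped)
        print(f"tapped={tapped}: sifted={len(s)} bits, error rate={error_rate(s, r):.3f}")
```

On an untapped link the two keys match exactly; with the tap in place roughly a quarter of the sifted bits disagree, which is the signal the legitimate users act on before any key material is used.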

For nearly two decades, the security protocols developed by Rivest, Shamir and Adleman (RSA) for public key encryption have held firm. However, recent security breaches at Bank of America Corp., Wachovia Corp., and LexisNexis – which compromised the financial and personal information of hundreds of thousands of consumers – have exposed the growing problem of data theft. While these scandals were not necessarily the fault of weak encryption or key distribution, they have put greater emphasis on the need for better security surrounding companies’ most sensitive data.

Not surprisingly, at this time the target sectors for quantum security are financial service firms, telecommunications companies, and government agencies – organizations that deal in highly sensitive information and also have the deep pockets to pay for better protection.

At the Infosecurity Europe 2005 trade show in London in April, potential customers got to see the state of the art in quantum cryptography. Geneva, Switzerland-based id Quantique showcased its new turnkey encryption system, which provides a secure connection between two Fast Ethernet fiber-optic networks that can be located up to 100 kilometers apart. Its system, Vectis Link Encryptor, combines quantum key distribution with advanced encryption standards – the quantum keys are distributed securely and continuously over a dedicated optical fiber link, and those keys, in turn, are passed within the appliance to an advanced encryption engine that is used to encrypt and decrypt the information.